improved authentication check

2021-09-24 15:49:51 +02:00 · 2021-09-24 15:49:51 +02:00 · f59f3183f2
commit f59f3183f2
parent ed932e3c92
4 changed files with 27 additions and 32 deletions
--- a/internal/errors/errors.go
+++ b/internal/errors/errors.go
@ -2,6 +2,10 @@ package s3browser
 import "fmt"
 var (
 	ErrNotAuthenticated = ExtendError("UNAUTHENTICATED", "No valid authentication provided")
 )
 type ExtendedError struct {
 	Message string
 	Code    string
--- a/internal/gql/schema.go
+++ b/internal/gql/schema.go
@ -6,6 +6,7 @@ import (
 	"github.com/graph-gophers/dataloader"
 	"github.com/graphql-go/graphql"
 	s3errors "git.kapelle.org/niklas/s3browser/internal/errors"
 	helper "git.kapelle.org/niklas/s3browser/internal/helper"
 	types "git.kapelle.org/niklas/s3browser/internal/types"
 	log "github.com/sirupsen/logrus"
@ -23,8 +24,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				path, ok := p.Args["path"].(string)
@ -48,8 +49,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				path, ok := p.Args["path"].(string)
@ -73,8 +74,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				id, ok := p.Args["id"].(string)
@ -94,7 +95,7 @@ func GraphqlSchema() (graphql.Schema, error) {
 			Type:        graphql.NewNonNull(graphql.Boolean),
 			Description: "True if the user is authorized",
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				auth, _ := helper.IsAuth(p.Context)
+				auth := helper.IsAuthenticated(p.Context)
 				return auth, nil
 			},
@ -110,8 +111,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				id, ok := p.Args["id"].(string)
@ -135,8 +136,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				src, ok := p.Args["src"].(string)
@ -164,8 +165,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				src, ok := p.Args["src"].(string)
@ -190,8 +191,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				path, ok := p.Args["path"].(string)
@ -212,8 +213,8 @@ func GraphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
-				if is, err := helper.IsAuth(p.Context); !is {
+				if helper.IsAuthenticated(p.Context) {
-					return nil, err
+					return nil, s3errors.ErrNotAuthenticated
 				}
 				path, ok := p.Args["path"].(string)
--- a/internal/helper/helper.go
+++ b/internal/helper/helper.go
@ -12,7 +12,6 @@ import (
 	"github.com/minio/minio-go/v7"
 	log "github.com/sirupsen/logrus"
 	errors "git.kapelle.org/niklas/s3browser/internal/errors"
 	types "git.kapelle.org/niklas/s3browser/internal/types"
 )
@ -114,18 +113,9 @@ func GetParentDir(id string) string {
 	return NomalizeID(parent)
 }
-func IsAuth(ctx context.Context) (bool, error) {
+func IsAuthenticated(ctx context.Context) bool {
 	token, ok := ctx.Value("jwt").(*jwt.Token)
-
+	return (ok && token.Valid)
 	if !ok {
 		return false, errors.ExtendError("UNAUTHORIZED", "Unauthorized")
 	}
 	if token.Valid {
 		return true, nil
 	} else {
 		return false, errors.ExtendError("UNAUTHORIZED", "Unauthorized")
 	}
 }
 func CreateJWT(claims *types.JWTClaims) *jwt.Token {
--- a/internal/httpserver/httpServer.go
+++ b/internal/httpserver/httpServer.go
@ -101,7 +101,7 @@ func InitHttp(resolveContext context.Context, schema graphql.Schema, address str
 }
 func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
-	if is, _ := helper.IsAuth(r.Context()); !is {
+	if helper.IsAuthenticated(r.Context()) {
 		rw.WriteHeader(http.StatusUnauthorized)
 		return
 	}
@ -145,7 +145,7 @@ func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
 }
 func httpPostFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
-	if is, _ := helper.IsAuth(r.Context()); !is {
+	if helper.IsAuthenticated(r.Context()) {
 		rw.WriteHeader(http.StatusUnauthorized)
 		return
 	}
@ -244,7 +244,7 @@ func logout(rw http.ResponseWriter, r *http.Request) {
 }
 func refreshToken(rw http.ResponseWriter, r *http.Request) {
-	if is, _ := helper.IsAuth(r.Context()); !is {
+	if helper.IsAuthenticated(r.Context()) {
 		rw.WriteHeader(http.StatusUnauthorized)
 		return
 	}